Over 90 Total Lots Up For Auction at One Location - WA 04/08

Why IoT security isn’t enough for IoMT

September 25, 2018
Health IT
By Jonathan Langer

The connected medical device market is on a growth trajectory with more than 3.5 million medical devices in use today. From a security perspective, this translates to 3.5 million network connections that hackers can take advantage of to access sensitive patient information or worse, attack individual patients.

As the Internet of Medical Things (IoMT) landscape continues on this path, vendors adept at securing general Internet of Things (IoT) devices in operations, asset management, smart grids and consumer products are offering solution packages to protect connected medical devices.
stats
DOTmed text ad

Reveal Mobi Pro now available for sale in the US

Reveal Mobi Pro integrates the Reveal 35C detector with SpectralDR technology into a modern mobile X-ray solution. Mobi Pro allows for simultaneous acquisition of conventional & dual-energy images with a single exposure. Contact us for a demo at no cost.

stats

But these devices present unique security challenges that require clinical context to ensure the full visibility needed to meet them, and these general IoT vendors lack the foundational background in healthcare necessary for true IoMT security. Providers should not only be able to see that there are devices connected to their network, they also must be able to identify each connected device with great granularity (including manufacturer protocols) and have up-to-date information on risk ranking, device utilization, software maintenance and compliance data.

Medical devices aren’t printers and they shouldn’t be treated as such
Generally, provider networks look like any other organization’s network. Network managers armed with a variety of security and management tools safeguard the hospital or health system from potential breaches. Devices are organized by category – printers, mobile devices, equipment, etc. – to effectively and efficiently maintain network security, each having a specific set of rules and configurations according to industry best practices. Anything out of the ordinary requires remediation.

The primary function of medical devices is what separates them from the rest as they play a more direct role in aiding and improving patient care. Think of patient-centered devices connected to a hospital’s network – their purpose covers anything from measuring patient vitals, to delivering an accurate diagnostic picture for clinical decision guidance, to playing a pivotal clinical role with a direct impact on patient care. This also means they pose an array of different security risks, starting with the distinct differences between each device. Logically, this unique category of devices requires a more specialized set of rules and configurations designed to ensure a secure connection per device.

You Must Be Logged In To Post A Comment